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Abstract 

Suppose x"^+ax^ is a permutation polynomial over Fp, where p > 5 
is prime and m > n > and a £ ¥*. We prove that gcd(m — n,p— 1) ^ 
{2,4}. In the special case that either (p — l)/2 or {p — l)/4 is prime, 
this was conjectured in a recent paper by Masuda, Panario and Wang. 



1 Introduction 

A polynomial over a finite field is called a permutation polynomial if it per- 
mutes the elements of the field. These polynomials have been studied in- 
tensively in the past two centuries. Permutation monomials are completely 
understood: for m > 0, permutes if and only if gcd(m, g — 1) = 1. 



*This work proves the conjectures stated in the first author's talk at the November 
2006 BIRS workshop on Polynomials over Finite Fields and Applications. The authors 
thank BIRS for providing wonderful facilities. The first author was at Carleton University 
when this research was performed. 
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However, even though dozens of papers have been written about them, per- 
mutation binomials remain mysterious. In this note we prove the following 
result: 

Theorem 1.1. If p > 5 is prime and f := x"^ + ax"^ permutes ¥p, where 
m > n > and a G F*, then gcd(m — n,p — 1) ^ {2, 4}. 

In case {p — l)/2 or {p — l)/A is prime, this was conjectured in the recent 
paper [2] by Panario, Wang and the first author. It is well-known that the 
gcd is not 1: for in that case, / has more than one root in Fp, since a;"^""" is 
a permutation polynomial. It is much more difficult to show that the gcd is 
not 2 or 4. 

In Section [2] we prove some general results about permutation binomials, 
and in particular we show that it suffices to prove Theorem 11.11 when m — n 
divides p — 1. Then we prove Theorem 11.11 in Section [31 

Throughout this paper, we want to ignore permutation binomials that are 
really monomials in disguise. Here one can disguise a permutation monomial 
(over Fq) by adding a constant plus a multiple of x'^ — x; such addition does 
not affect the permutation property. Thus, we say a permutation binomial 
of Fq is trivial if it is congruent modulo x'^ — x to the sum of a constant and 
a monomial. In other words, the nontrivial permutation binomials are those 
whose terms have degrees being positive and incongruent modulo q — I. 

2 Permutation binomials in general 

Lemma 2.1. // / is a permutation polynomial over ¥g, then the greatest 
common divisor of the degrees of the terms of f is coprime to q — 1. 

Proof. Otherwise / is a polynomial in x'^, where d > 1 divides q — 1, but x'^ 
is not a permutation polynomial so / is not one either. □ 

Lemma 2.2. Let d \ (g — 1), and suppose there are no nontrivial permutation 
binomials over Fg of the form x'^{x'^ + a). Then there are no nontrivial 
permutation binomials over F^ of the form x^{x^ + a) with gcd(/c, — 1) = d. 

Proof. Suppose f{x) := + a) permutes F^, where n,k.,a ^ 0. Let d = 

gcd(fc, q — 1). Pick r > such that kr = d (mod q — 1) and gcd(r, g — 1) = 1. 
Then f{x^) permutes Fg and f{x^) = x"'^{x'^ + a) (mod x'^ — x). □ 

Lemma 12.21 immediately implies the following result from [2] : 



2 



Corollary 2.3. If q — 1 is a Mersenne prime, then there are no nontrivial 
permutation binomials over ¥g. 

We give one further reduction along the lines of Lemma 12. 2t 

Lemma 2.4. Let d,n,e > satisfy d\{q — 1), gcd{ne,d) = 1 and n = e 
(mod {q—l)/d). Then x"' {x'^ + a) permutes ¥q if and only ifx'^{x'^ + a) does. 

Proof. Write / := + a) and g := + a). For any z & ¥q with 

z'^ = 1, we have f{zx) = z"'f{x); since gcd(n, = 1, this implies that the 
values of / on Fg comprise all the d*^ roots of the values of f{xY. Since 
f{xY = g{xY (mod x'' — x), the result follows. □ 

Finally, since we constantly use it, we give here a version of Hermite's 
criterion [1]: 

Lemma 2.5. A polynomial f G ¥q[x] is a permutation polynomial if and 
only if 

1. for each i with < i < q — 1, the reduction of /' modulo x'^ — x has 
degree less than q — I; and 

2. f has precisely one root in Fg. 



3 Proof of Theorem 1.1 



In this section we prove Theorem II. 1[ We treat the cases of gcd 2 and 4 
separately. 

Theorem 3.1. If p is prime and x^{x^ + a) is a nontrivial permutation 
binomial over ¥p, then gcd{k,p — 1) > 2. 

Proof. There are no nontrivial permutation binomials over F2 or F3, so we 
may assume p = 2i + 1 with i > 1. By Lemma [2.21 it suffices to show there 
are no nontrivial permutation binomials of the form / := x"(x'^ + a) with 
d G {1,2}. This is clear for d = 1 (since then /(O) = /(—a)), so we need 
only consider d = 2. Assume / := x"(x^ + a) is a permutation binomial. 
Lemma 12.11 implies n is odd. 
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Suppose ^ is odd. We will use Hermite's criterion with exponent ^ — 1; to 
this end, we compute 

£-1 
i=0 

Write f-^ = EtJ where k = {^~^)a^~^-\ Since £ - 1 < p and 

p is prime, each bi is nonzero. Thus, the degrees of the terms of f^'^ are 
precisely the elements of 

S = {ni-n,ni-n + 2,ni-n + A,...,ni-n + 2£-2}. 

Since i is odd, S consists of i consecutive even numbers, so it contains a 
unique multiple of p — 1 = 2£. Thus the reduction of f^~^ modulo — x has 
degree p — 1, which contradicts Hermite's criterion. 

If i is even then = X]i=o '^j^"^'''^*' where each q = is nonzero. 

The degrees of the terms of consist of the £ + 1 consecutive even numbers 
n£, n£ + 2, . . . , n£ + 2£. Since n is odd, n^ is not a multiple of p — 1 = 2i. Thus 

has a unique term of degree divisible by p — 1, which again contradicts 
Hermite's criterion. □ 

Theorem 3.2. If p is prime and x"'{x^ + a) is a nontrivial permutation 
binomial over ¥p, then gcd{k,p — 1) 7^ 4. 

Proof. Plainly we need only consider primes p with p = 1 (mod 4). By 
Lemma [2^21 it suffices to show there are no nontrivial permutation binomials 
of the form + a). By Lemma 12. we may assume n is odd. By 

Lemma 12.41 it suffices to show nonexistence with < n < (p— l)/4if 
p = 1 (mod 8), and with < n < (p — l)/2 if p = 5 (mod 8). Assume 
/ := x"'(x^ + a) is a nontrivial permutation binomial with n satisfying these 
constraints. 

First suppose p = 1 (mod 8), say p = 8£ + 1; here our assumption is 
< n < 2i. The set of degrees of terms of /^^ is 

S = {2in, 2in + 4, 2£n + 8, . . . , 2£n + 8£}. 

When i is even, S consists of 2i + l consecutive multiples of 4. Since n is odd, 
2in is not a multiple of 8i, so 5* contains precisely one multiple of p — 1 = 8£, 



- 1 

i 



-'x^\ 
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contradicting Hcrmitc's criterion. So assume ^ is odd; since 8£ + 1 is prime, 
we have £ > 5. Now the set of degrees of terms of /2^+2 jg 

S = {2en + 2n, lin + 2n + 4, 2£n + 2n + 8, . . . , Un + 2n + 4(2£ + 2)}. 

Here S consists of 2£+3 consecutive multiples of 4, so it contains a multiple of 
p — 1 = 8£. By Hermite's criterion, S must have at least two such multiples. 
Thus, divides either Un + 2n, Un + 2n + 4 or Un + 2n + 8, so £ divides 
either n, n + 2 or n + 4. Since £ > 5 and < n < 2£, we have n + 4 < 3£; 
since n is odd, it follows that i equals either n, n + 2 or n + 4. But then 
has a unique term of degree divisible by p — 1 = 8£, contradicting Hermite's 
criterion. 

Thus we have p = 5 (mod 8); write p = 4£ + 1 with i odd, where again 
< n < 2£. Suppose i = 1 (mod 4). If £ = 1 then / is trivial, so assume 
£ > 1. The set of degrees of terms of f^~^ is 

S = {n£ - n,ne - n + 4:,ne - n + 8, . . . ,ne - n + M - 4:}. 

Since i = 1 (mod 4), the set S consists of i consecutive multiples of 4, so 
S contains precisely one multiple oi p — 1 — Ai, contradicting Hermite's 
criterion. 

Thus i = 3 (mod 4). The set of degrees of terms of f^~^^ is 

S ^ {rd + n,n£ + n + A,n£ + n + 8, . . . ,n£ + n + M + A}. 

Since S consists of £ + 2 consecutive multiples of 4. it certainly contains a 
multiple of 4i, so (by Hermite's criterion) it must contain two such multiples. 
Thus either n(£ + 1) or n(£ + 1) + 4 is a multiple of M, so £ divides either 
n or n + 4. Since n is odd and < n < 2£, the only possibilities are 
n — £ or n — £ — A or {n,£) — (5,3). li n — £ — A then has degree 
M = p — 1, contradicting Hermite's criterion. If {n,£) = (5,3), then p = 13 
and a^^f{x^^) permutes F^; since a~^f{x^^) = a;^(x^ + a~^) (mod x^^' — x), 
it suffices to treat the case n = £. Finally, suppose n = £, so f = x^{x^ + a) 
permutes Fp. The degrees of the terms of /'^ are 

4£, A£ + 4, 4£ + 8, U + 12, 4£ + 16. 

We have our usual contradiction if the degree 4£ term is the unique term 
of with degree divisible by 4£, so the only remaining possibility is that 
4£ divides either 4, 8, 12 or 16. Since £ = 3 (mod 4), the only possibihty 
IS £ = 3. Finally, when £ = 3, the coefficient of in the reduction of 
modulo x^^ — X is + 4a, which must be zero (by Hermite), so — —4; but 
the cubes in F^g are ±1 and ±8, contradiction. □ 
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